Mark the SEV launch secret MEMFD area as reserved, which will allow the
guest OS to use it during the lifetime of the OS, without creating
copies of the sensitive content.
Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Brijesh Singh <brijesh.singh@amd.com>
Cc: Erdem Aktas <erdemaktas@google.com>
Cc: James Bottomley <jejb@linux.ibm.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Min Xu <min.m.xu@intel.com>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Cc: Tobin Feldman-Fitzthum <tobin@linux.ibm.com>
Signed-off-by: Dov Murik <dovmurik@linux.ibm.com>
Acked-by: Gerd Hoffmann <kraxel@redhat.com>
Acked-by: Jiewen Yao <Jiewen.Yao@intel.com>
Reviewed-by: Brijesh Singh <brijesh.singh@amd.com>
---
Resending with Acked-by and Reviewed-by tags.
Please let me know if there's anything else missing.
Thanks,
-Dov
---
OvmfPkg/AmdSev/SecretPei/SecretPei.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/OvmfPkg/AmdSev/SecretPei/SecretPei.c b/OvmfPkg/AmdSev/SecretPei/SecretPei.c
index db94c26b54d1..6bf1a55dea64 100644
--- a/OvmfPkg/AmdSev/SecretPei/SecretPei.c
+++ b/OvmfPkg/AmdSev/SecretPei/SecretPei.c
@@ -19,7 +19,7 @@ InitializeSecretPei (
BuildMemoryAllocationHob (
PcdGet32 (PcdSevLaunchSecretBase),
ALIGN_VALUE (PcdGet32 (PcdSevLaunchSecretSize), EFI_PAGE_SIZE),
- EfiBootServicesData
+ EfiReservedMemoryType
);
return EFI_SUCCESS;
--
2.25.1
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#85273): https://edk2.groups.io/g/devel/message/85273
Mute This Topic: https://groups.io/mt/88186113/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=-=-=-=-=-=-=-=-=-=-=-
Merged: https://github.com/tianocore/edk2/commit/079a58276b98dc97ca363e3bc8b35cc7baa56d76 > -----Original Message----- > From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Dov Murik > Sent: Tuesday, January 4, 2022 3:17 PM > To: devel@edk2.groups.io > Cc: Dov Murik <dovmurik@linux.ibm.com>; Ard Biesheuvel > <ardb+tianocore@kernel.org>; Justen, Jordan L <jordan.l.justen@intel.com>; > Gerd Hoffmann <kraxel@redhat.com>; Brijesh Singh <brijesh.singh@amd.com>; > Aktas, Erdem <erdemaktas@google.com>; James Bottomley > <jejb@linux.ibm.com>; Yao, Jiewen <jiewen.yao@intel.com>; Xu, Min M > <min.m.xu@intel.com>; Tom Lendacky <thomas.lendacky@amd.com>; Tobin > Feldman-Fitzthum <tobin@linux.ibm.com>; Yao, Jiewen <jiewen.yao@intel.com> > Subject: [edk2-devel] [PATCH RESEND] OvmfPkg/AmdSev/SecretPei: Mark SEV > launch secret area as reserved > > Mark the SEV launch secret MEMFD area as reserved, which will allow the > guest OS to use it during the lifetime of the OS, without creating > copies of the sensitive content. > > Cc: Ard Biesheuvel <ardb+tianocore@kernel.org> > Cc: Jordan Justen <jordan.l.justen@intel.com> > Cc: Gerd Hoffmann <kraxel@redhat.com> > Cc: Brijesh Singh <brijesh.singh@amd.com> > Cc: Erdem Aktas <erdemaktas@google.com> > Cc: James Bottomley <jejb@linux.ibm.com> > Cc: Jiewen Yao <jiewen.yao@intel.com> > Cc: Min Xu <min.m.xu@intel.com> > Cc: Tom Lendacky <thomas.lendacky@amd.com> > Cc: Tobin Feldman-Fitzthum <tobin@linux.ibm.com> > Signed-off-by: Dov Murik <dovmurik@linux.ibm.com> > Acked-by: Gerd Hoffmann <kraxel@redhat.com> > Acked-by: Jiewen Yao <Jiewen.Yao@intel.com> > Reviewed-by: Brijesh Singh <brijesh.singh@amd.com> > > --- > > Resending with Acked-by and Reviewed-by tags. > Please let me know if there's anything else missing. > Thanks, > -Dov > > --- > OvmfPkg/AmdSev/SecretPei/SecretPei.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/OvmfPkg/AmdSev/SecretPei/SecretPei.c > b/OvmfPkg/AmdSev/SecretPei/SecretPei.c > index db94c26b54d1..6bf1a55dea64 100644 > --- a/OvmfPkg/AmdSev/SecretPei/SecretPei.c > +++ b/OvmfPkg/AmdSev/SecretPei/SecretPei.c > @@ -19,7 +19,7 @@ InitializeSecretPei ( > BuildMemoryAllocationHob ( > > PcdGet32 (PcdSevLaunchSecretBase), > > ALIGN_VALUE (PcdGet32 (PcdSevLaunchSecretSize), EFI_PAGE_SIZE), > > - EfiBootServicesData > > + EfiReservedMemoryType > > ); > > > > return EFI_SUCCESS; > > -- > 2.25.1 > > > > -=-=-=-=-=-= > Groups.io Links: You receive all messages sent to this group. > View/Reply Online (#85273): https://edk2.groups.io/g/devel/message/85273 > Mute This Topic: https://groups.io/mt/88186113/1772286 > Group Owner: devel+owner@edk2.groups.io > Unsubscribe: https://edk2.groups.io/g/devel/unsub [jiewen.yao@intel.com] > -=-=-=-=-=-= > -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#85274): https://edk2.groups.io/g/devel/message/85274 Mute This Topic: https://groups.io/mt/88186113/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=-=-=-=-=-=-=-=-=-=-=-
On 04/01/2022 11:00, Yao, Jiewen wrote: > Merged: https://github.com/tianocore/edk2/commit/079a58276b98dc97ca363e3bc8b35cc7baa56d76 > Thanks! -Dov >> -----Original Message----- >> From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Dov Murik >> Sent: Tuesday, January 4, 2022 3:17 PM >> To: devel@edk2.groups.io >> Cc: Dov Murik <dovmurik@linux.ibm.com>; Ard Biesheuvel >> <ardb+tianocore@kernel.org>; Justen, Jordan L <jordan.l.justen@intel.com>; >> Gerd Hoffmann <kraxel@redhat.com>; Brijesh Singh <brijesh.singh@amd.com>; >> Aktas, Erdem <erdemaktas@google.com>; James Bottomley >> <jejb@linux.ibm.com>; Yao, Jiewen <jiewen.yao@intel.com>; Xu, Min M >> <min.m.xu@intel.com>; Tom Lendacky <thomas.lendacky@amd.com>; Tobin >> Feldman-Fitzthum <tobin@linux.ibm.com>; Yao, Jiewen <jiewen.yao@intel.com> >> Subject: [edk2-devel] [PATCH RESEND] OvmfPkg/AmdSev/SecretPei: Mark SEV >> launch secret area as reserved >> >> Mark the SEV launch secret MEMFD area as reserved, which will allow the >> guest OS to use it during the lifetime of the OS, without creating >> copies of the sensitive content. >> >> Cc: Ard Biesheuvel <ardb+tianocore@kernel.org> >> Cc: Jordan Justen <jordan.l.justen@intel.com> >> Cc: Gerd Hoffmann <kraxel@redhat.com> >> Cc: Brijesh Singh <brijesh.singh@amd.com> >> Cc: Erdem Aktas <erdemaktas@google.com> >> Cc: James Bottomley <jejb@linux.ibm.com> >> Cc: Jiewen Yao <jiewen.yao@intel.com> >> Cc: Min Xu <min.m.xu@intel.com> >> Cc: Tom Lendacky <thomas.lendacky@amd.com> >> Cc: Tobin Feldman-Fitzthum <tobin@linux.ibm.com> >> Signed-off-by: Dov Murik <dovmurik@linux.ibm.com> >> Acked-by: Gerd Hoffmann <kraxel@redhat.com> >> Acked-by: Jiewen Yao <Jiewen.Yao@intel.com> >> Reviewed-by: Brijesh Singh <brijesh.singh@amd.com> >> >> --- >> >> Resending with Acked-by and Reviewed-by tags. >> Please let me know if there's anything else missing. >> Thanks, >> -Dov >> >> --- >> OvmfPkg/AmdSev/SecretPei/SecretPei.c | 2 +- >> 1 file changed, 1 insertion(+), 1 deletion(-) >> >> diff --git a/OvmfPkg/AmdSev/SecretPei/SecretPei.c >> b/OvmfPkg/AmdSev/SecretPei/SecretPei.c >> index db94c26b54d1..6bf1a55dea64 100644 >> --- a/OvmfPkg/AmdSev/SecretPei/SecretPei.c >> +++ b/OvmfPkg/AmdSev/SecretPei/SecretPei.c >> @@ -19,7 +19,7 @@ InitializeSecretPei ( >> BuildMemoryAllocationHob ( >> >> PcdGet32 (PcdSevLaunchSecretBase), >> >> ALIGN_VALUE (PcdGet32 (PcdSevLaunchSecretSize), EFI_PAGE_SIZE), >> >> - EfiBootServicesData >> >> + EfiReservedMemoryType >> >> ); >> >> >> >> return EFI_SUCCESS; >> >> -- >> 2.25.1 >> >> >> >> -=-=-=-=-=-= >> Groups.io Links: You receive all messages sent to this group. >> View/Reply Online (#85273): https://edk2.groups.io/g/devel/message/85273 >> Mute This Topic: https://groups.io/mt/88186113/1772286 >> Group Owner: devel+owner@edk2.groups.io >> Unsubscribe: https://edk2.groups.io/g/devel/unsub [jiewen.yao@intel.com] >> -=-=-=-=-=-= >> > -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#85275): https://edk2.groups.io/g/devel/message/85275 Mute This Topic: https://groups.io/mt/88186113/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=-=-=-=-=-=-=-=-=-=-=-
© 2016 - 2024 Red Hat, Inc.